10 matches found
CVE-2023-28850
Pimcore Perspective Editor provides an editor for Pimcore that allows users to add/remove/edit custom views and perspectives. This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other...
GHSA-FQ8Q-55V3-2986 Pimcore Perspective Editor vulnerable to stored cross-site scripting (XSS) in perspective name
Impact This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites. Patches Update to version 1.5.1. Workarounds Apply the patch...
Pimcore Perspective Editor vulnerable to stored cross-site scripting (XSS) in perspective name
Impact This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites. Patches Update to version 1.5.1. Workarounds Apply the patch...
CVE-2023-28850
Pimcore Perspective Editor provides an editor for Pimcore that allows users to add/remove/edit custom views and perspectives. This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other...
Code injection
Pimcore Perspective Editor provides an editor for Pimcore that allows users to add/remove/edit custom views and perspectives. This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other...
CVE-2023-28850 Pimcore Perspective Editor vulnerable to Cross-site Scripting in perspective name
Pimcore Perspective Editor provides an editor for Pimcore that allows users to add/remove/edit custom views and perspectives. This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other...
CVE-2023-28850
The CVE concerns Pimcore Perspective Editor vulnerability allowing stored XSS via perspective name handling, enabling cookie theft and potential unauthorized account access. Affected component: Pimcore Perspective Editor (web UI) in versions prior to 1.5.1; the issue stems from insufficient input...
CVE-2023-28850 Pimcore Perspective Editor vulnerable to Cross-site Scripting in perspective name
Pimcore Perspective Editor provides an editor for Pimcore that allows users to add/remove/edit custom views and perspectives. This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other...
CVE-2023-28850 Pimcore Perspective Editor vulnerable to Cross-site Scripting in perspective name
Pimcore Perspective Editor provides an editor for Pimcore that allows users to add/remove/edit custom views and perspectives. This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other...
PT-2023-22007 · Pimcore · Pimcore Perspective Editor
Name of the Vulnerable Software and Affected Versions: Pimcore Perspective Editor versions prior to 1.5.1 Description: This issue has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites...